Vulnerability Details : CVE-2020-7729
Potential exploit
The package grunt before 1.3.0 are vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.
Products affected by CVE-2020-7729
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
- cpe:2.3:a:gruntjs:grunt:*:*:*:*:*:node.js:*:*
Exploit prediction scoring system (EPSS) score for CVE-2020-7729
2.83%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 85 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2020-7729
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
4.6
|
MEDIUM | AV:N/AC:H/Au:S/C:P/I:P/A:P |
3.9
|
6.4
|
NIST | |
|
7.1
|
HIGH | CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H |
1.2
|
5.9
|
Snyk |
CWE ids for CVE-2020-7729
-
The product initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.Assigned by: nvd@nist.gov (Primary)
References for CVE-2020-7729
-
https://snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-607922
Arbitrary Code Execution in org.webjars.npm:grunt | SnykThird Party Advisory
-
https://github.com/gruntjs/grunt/commit/e350cea1724eb3476464561a380fb6a64e61e4e7
Switch to use `safeLoad` for loading YML files via `file.readYAML`. · gruntjs/grunt@e350cea · GitHubPatch;Third Party Advisory
-
https://lists.debian.org/debian-lts-announce/2020/09/msg00008.html
[SECURITY] [DLA 2368-1] grunt security updateMailing List;Third Party Advisory
-
https://snyk.io/vuln/SNYK-JS-GRUNT-597546
Arbitrary Code Execution in grunt | SnykExploit;Third Party Advisory
-
https://usn.ubuntu.com/4595-1/
USN-4595-1: Grunt vulnerability | Ubuntu security notices | UbuntuThird Party Advisory
Jump to